﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using com.pro2e.console.core.hibernate;
using NHibernate;
using com.pro2e.console.service.auth;
using com.pro2e.console.service.auth.vo;
using System.Web.SessionState;
using com.pro2e.web.util.page;
using System.IO;

/// <summary>
/// ErrorModule 的摘要描述
/// </summary>
/// 
namespace com.pro2e.web.auth
{
    public class SecurityModule : IHttpModule, IRequiresSessionState
    {
        log4net.ILog log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
        HttpHelper httpHelper = new HttpHelper();

        private readonly string ERROR_PAGE = "~/common/error/ipillegal.aspx";


        public SecurityModule()
        {

        }

        #region Fields and Properties

        #endregion

        #region IHttpModule Members

        public void Init(HttpApplication application)
        {
            application.AcquireRequestState += new EventHandler(CheckIP);

        }

        public void Dispose() { }

        #endregion

        public void CheckIP(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;

            string ip = httpHelper.GetUserIp(application.Context);

            Uri uri = application.Request.Url;
            string rawUrl = application.Request.RawUrl;

            //導換不檢查
            if (rawUrl.IndexOf("ipillegal.aspx") != -1)
            {
                return;
            }

            //限制資料夾


            if (!string.IsNullOrEmpty(ip))
            {
                if (IsLegalIp(application, ip))
                {
                    return;
                }

                //通過
                if (ip.IndexOf("192.168.") != -1 || ip.IndexOf("127.0.0.1") != -1)
                {
                    return;
                }
            }
            else
            {
                toErrorPate(application.Response);
            }
        }

        private bool IsLegalIp(HttpApplication application, string intoIp)
        {
            String IegalIpFile = application.Request.PhysicalApplicationPath + @"App_Code\com\pro2e\web\auth\config\IP.txt";

            log.Debug("IegalIpFile:" + IegalIpFile);

            if (!File.Exists(IegalIpFile))
            {

                return true;
            }
            else
            {

                string[] allLine = File.ReadAllLines(IegalIpFile);

                if (allLine != null && allLine.Length > 0)
                {
                    for (int i = 0; i < allLine.Length; i++)
                    {
                        if (!string.IsNullOrEmpty(allLine[i].Trim()) && intoIp.IndexOf(allLine[i].Trim()) != -1)
                        {
                            return true;
                        }
                    }
                }

            }

            return false;
        }

        private void toErrorPate(HttpResponse httpResponse)
        {
            httpResponse.Redirect(ERROR_PAGE);
        }

    }
}